require 'login_system'

# Filters added to this controller will be run for all controllers in the application.
# Likewise, all the methods added will be available for all controllers.
class ApplicationController < ActionController::Base
  # Pick a unique cookie name to distinguish our session data from others'
  # session :session_key => '_ptm_session_id'
  self.allow_forgery_protection = false
  layout 'general'
  include LoginSystem
  before_filter :disable_link_prefetching
  before_filter :log_action

  auto_complete_for :task, :title

  PROGRESS_TODO     = 0
  PROGRESS_BEGUN    = 1
  PROGRESS_DONE     = 2
  PROGRESS_GIVENUP  = 3
  
  def auto_complete_for_task_title
    re = Regexp.new("#{params[:task][:title]}", "i")
    p_ids = User.find(session['user']).active_projects_ids.join(',')
    render :nothing=>true and return if p_ids == ''
    @tasks = Task.find(:all,:conditions=>"project_id in (#{p_ids})").collect(&:title).select { |t| re.match t }.sort
    render :inline => "<%= content_tag(:ul, @tasks.map { |t| content_tag(:li, h(t)) }) %>"
    # I wanted to add the task project name...
    # We can't do this or when we hit enter on a entry, the entry will contains the project name and the task will not be found
    #@tasks = Task.find(:all,:conditions=>"project_id in (#{p_ids})").select { |t| re.match t.title }.sort_by {|t| t.title.upcase}
    #render :inline => "<%= content_tag(:ul, @tasks.map { |t| content_tag(:li, h(t.project.name+': ' + (t.done==1? '(done)':'')+' '+t.title)) }) %>"
  end

  def current_user
    # TODO memorize the user
    #return @current_user if @current_user # does not work
    id = session['user']
    return nil if not id
    @current_user = User.find(id)
    #puts 'loaded'
    #@current_user
  end

private

  def disable_link_prefetching
    if request.env["HTTP_X_MOZ"] == "prefetch" 
       logger.debug "prefetch detected: sending 403 Forbidden" 
       render_nothing "403 Forbidden" 
       return false
    end
  end

  def log_action
    @action_log = ActionLog.new
    # who is doing the activity?
    @action_log.session_id = session.session_id #record the session
    @action_log.browser = request.env['HTTP_USER_AGENT']
    @action_log.ip = request.env['HTTP_X_FORWARDED_FOR'] || request.env['REMOTE_ADDR']
    # what are they doing?
    @action_log.controller        = controller_name
    @action_log.action            = action_name
    @action_log.controller_action = controller_name + "/" + action_name
    @action_log.params            = params.inspect # wrap this in an unless block if it might contain a password
    @action_log.user_id           = session['user']
    @action_log.project_id        = session[:selected_project]
    @action_log.save!
  end  
  
  def verify_admin_login
    return if session['admin'] != nil

    # change the pwd hash to suit your need
    if params['l'] != nil and Digest::SHA1.hexdigest(params['l']['l'])=='e81fe20d2df326dfbe5e6e3b592aa18929208c9b'
      session['admin'] = 0
      redirect_to :action=>:index
    else
      render :action=>:login
    end

  end
  
end

